Menu

M2M FEATURE NEWS

Mocana Verifies Integration with IoT Platforms

By Paula Bernier September 21, 2017

Mocana has verified integration with the Amazon Web Services, Microsoft Azure IoT, and VMware Internet of Things platforms. The company, which provides embedded security software for industrial control systems and IoT devices, also is integrated with the GE Predix Machine.

The Mocana software is U.S. National Institute of Standards and Technology FIPS 140-2 cybersecurity standard certified. That makes it a good match for commercial, enterprise, government, and industrial applications, the company says.

The software development kits device designers and developers typically use to connect to analytics and cloud resources leverage TLS, Mocana says. But it adds that its solution is more secure than the open source TLS software known as OpenSSL, which the company notes has been reported to have more than 250 vulnerabilities.

And the 15-year-old company prides itself on making it easy for developers to replace OpenSSL with its own technology. To enable that Mocana created an OpenSSL connector. That allows applications to continue using OpenSSL APIs to call cryptographic functions that are then executed by Mocana’s crypto engine rather than OpenSSL’s engine. This feature is available in version 6.5 of Mocana.

Internet of Things security has become a high-profile topic in recent years. And it’s an important one, given that the growing number of IoT devices continues to expand the threat surface, and considering that security was an afterthought – if it was a thought at all – in many early generation connected things.

One of the latest connected device security problems we’ve learned about is being called BlueBorne. A company called Armis Labs explains that it attacks Android, iOS, Windows, and Linux devices via Bluetooth. That enables attackers to take control of devices, access corporate data and networks, and even penetrate secure air-gapped networks and spread malware to adjacent devices, the IoT security company says.

According to Steve Brumer, partner at 151 Advisors, most IoT security problems involve devices for which vulnerabilities have been identified and patches are available, but which nonetheless have not been updated.

“Currently, there is no checklist or approval process to indicate that a device meets such standards,” says Brumer. “Every restaurant has a rating of 0 – 100 at the front door, but home cameras don’t have a rating system that indicates if a device is future proof for security threats. Can it receive OTA updates? Can the device check for patches every week? Who is ultimately responsible for updating the device?

“The most secure device would look for new patches every day, and the burden to update the device would be on the manufacturer,” Brumer adds. “A less secure device would require the end user to check for patches and manually update the device, which in reality would never happen. If you ask most consumers who is responsible for updating the software on their home cameras, those in the tech industry will not know, and those who are not tech savvy may reply ‘What? There is software in the camera?’”




Edited by Ken Briodagh

Executive Editor, TMC

SHARE THIS ARTICLE
Related Articles

Panasonic Announces New Connectivity Service for Mobile Workforce

By: Ken Briodagh    10/19/2017

Panasonic P.180 Connectivity Service Will Offer Seamless LTE Connectivity Worldwide

Read More

Verizon, Qualcomm and Novatel Collaborate on 5G NR mmWave Trials and Deployment

By: Ken Briodagh    10/18/2017

New partners commit to a common mobile and fixed 3GPP compliant specification for 28 GHz and 39 GHz mmWave spectrum bands

Read More

CENTRI Announces IoT Advanced Security for Arm Mbed

By: Ken Briodagh    10/17/2017

CENTRI, a provider of IoT security, has announced that its Internet of Things Advanced Security (IoTAS) now supports the Arm Mbed IoT Device Platform.

Read More

Samsung Image Sensors Bring New Attributes to IoT Applications

By: Ken Briodagh    10/12/2017

Samsung releases ISOCELL Fast 2L9 with Dual Pixel technology and ISOCELL Slim 2X7 with Tetracell technology

Read More

Laird Brings Bluetooth Dual-Mode to HCI Modules

By: Ken Briodagh    10/12/2017

In a recent release, global technology company Laird has announced a new line of Bluetooth-qualified Class 1 HCI modules for rapid enablement of Bluet…

Read More